Esempio n. 1
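/**
 * Initialise the agent and work out its bootstrap / policy-server context.
 *
 * Runs the common start-up sequence (default digest, generic initialisation,
 * reference time and time classes, environment sanitising, agent-type hard
 * class, environment detection, persistent classes, system constants) and then
 * takes one of two paths:
 *
 *  - Bootstrap (agent type is AGENT_TYPE_AGENT and a bootstrap policy server
 *    was given): existing policy in the inputs directory is removed, the
 *    builtin failsafe policy is written, the host decides whether it is itself
 *    the policy server, and the policy server is recorded on disk and in ctx.
 *  - Normal run: the previously recorded policy server is read back; if there
 *    is none the function returns early.
 *
 * @param ctx    Evaluation context that receives the classes and settings.
 * @param config Agent configuration; agent_type and the bootstrap argument
 *               are read from it.
 *
 * The bootstrap path terminates the process with exit(EXIT_FAILURE) when
 * the inputs cannot be prepared or when the host should act as policy server
 * but the master promises.cf file is missing.
 */
void GenericAgentDiscoverContext(EvalContext *ctx, GenericAgentConfig *config)
{
    GenericAgentSetDefaultDigest(&CF_DEFAULT_DIGEST, &CF_DEFAULT_DIGEST_LEN);

    GenericAgentInitialize(ctx, config);

    time_t t = SetReferenceTime();
    UpdateTimeClasses(ctx, t);
    SanitizeEnvironment();

    THIS_AGENT_TYPE = config->agent_type;
    EvalContextClassPutHard(ctx, CF_AGENTTYPES[config->agent_type], "cfe_internal,source=agent");

    DetectEnvironment(ctx);

    EvalContextHeapPersistentLoadAll(ctx);
    LoadSystemConstants(ctx);

    if (config->agent_type == AGENT_TYPE_AGENT && config->agent_specific.agent.bootstrap_policy_server)
    {
        /* Bootstrapping discards whatever policy is currently in the inputs
         * directory; failing to do so is fatal so that stale policy is never
         * mixed with the failsafe written next. */
        if (!RemoveAllExistingPolicyInInputs(GetInputDir()))
        {
            Log(LOG_LEVEL_ERR, "Error removing existing input files prior to bootstrap");
            exit(EXIT_FAILURE);
        }

        if (!WriteBuiltinFailsafePolicy(GetInputDir()))
        {
            Log(LOG_LEVEL_ERR, "Error writing builtin failsafe to inputs prior to bootstrap");
            exit(EXIT_FAILURE);
        }

        bool am_policy_server = false;
        {
            /* The host is the policy server when the canonified bootstrap
             * address is already defined as a class, either as-is or with an
             * "ipv4_" prefix. */
            const char *canonified_bootstrap_policy_server = CanonifyName(config->agent_specific.agent.bootstrap_policy_server);
            am_policy_server = NULL != EvalContextClassGet(ctx, NULL, canonified_bootstrap_policy_server);
            {
                char policy_server_ipv4_class[CF_BUFSIZE];

                /* Bound the write by the buffer that is actually being filled
                 * rather than by an unrelated constant, and never look up a
                 * truncated name: a cut-off class name could match a different
                 * class and flip the role decision. */
                int written = snprintf(policy_server_ipv4_class, sizeof(policy_server_ipv4_class),
                                       "ipv4_%s", canonified_bootstrap_policy_server);
                if (written >= 0 && (size_t) written < sizeof(policy_server_ipv4_class))
                {
                    am_policy_server |= NULL != EvalContextClassGet(ctx, NULL, policy_server_ipv4_class);
                }
                else
                {
                    Log(LOG_LEVEL_VERBOSE, "Bootstrap address is too long to form an 'ipv4_' class name, skipping that lookup");
                }
            }

            if (am_policy_server)
            {
                Log(LOG_LEVEL_INFO, "Assuming role as policy server, with policy distribution point at %s", GetMasterDir());
                EvalContextClassPutHard(ctx, "am_policy_hub", "source=bootstrap");

                if (!MasterfileExists(GetMasterDir()))
                {
                    Log(LOG_LEVEL_ERR, "In order to bootstrap as a policy server, the file '%s/promises.cf' must exist.", GetMasterDir());
                    exit(EXIT_FAILURE);
                }
            }
            else
            {
                Log(LOG_LEVEL_INFO, "Not assuming role as policy server");
            }

            /* NOTE(review): this call uses CFWORKDIR while the calls below use
             * GetWorkDir(); confirm both always name the same directory. */
            WriteAmPolicyHubFile(CFWORKDIR, am_policy_server);
        }

        /* Persist the bootstrap target so later non-bootstrap runs can read it
         * back through ReadPolicyServerFile(). */
        WritePolicyServerFile(GetWorkDir(), config->agent_specific.agent.bootstrap_policy_server);
        SetPolicyServer(ctx, config->agent_specific.agent.bootstrap_policy_server);
        /* FIXME: Why it is called here? Can't we move both invocations to before if? */
        UpdateLastPolicyUpdateTime(ctx);
        Log(LOG_LEVEL_INFO, "Bootstrapping to '%s'", POLICY_SERVER);
    }
    else
    {
        /* The string returned here is released with free() below. */
        char *existing_policy_server = ReadPolicyServerFile(GetWorkDir());
        if (existing_policy_server)
        {
            Log(LOG_LEVEL_VERBOSE, "This agent is bootstrapped to '%s'", existing_policy_server);
            SetPolicyServer(ctx, existing_policy_server);
            free(existing_policy_server);
            UpdateLastPolicyUpdateTime(ctx);
        }
        else
        {
            /* Without a recorded policy server the role classes below are
             * never defined. */
            Log(LOG_LEVEL_VERBOSE, "This agent is not bootstrapped");
            return;
        }

        if (GetAmPolicyHub(GetWorkDir()))
        {
            /* "am_policy_hub" is tagged deprecated and aliased to
             * "policy_server"; both classes are defined. */
            EvalContextClassPutHard(ctx, "am_policy_hub", "source=bootstrap,deprecated,alias=policy_server");
            Log(LOG_LEVEL_VERBOSE, "Additional class defined: am_policy_hub");
            EvalContextClassPutHard(ctx, "policy_server", "inventory,attribute_name=CFEngine roles,source=bootstrap");
            Log(LOG_LEVEL_VERBOSE, "Additional class defined: policy_server");
        }
    }
}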
Esempio n. 2
/**
 * Initialise the agent and establish its bootstrap / policy-server context.
 *
 * After the common start-up sequence the function either bootstraps (agent
 * type is AGENT_TYPE_AGENT and a bootstrap argument was supplied) or reads
 * back the policy server recorded by an earlier bootstrap.
 *
 * @param ctx    Evaluation context that receives the classes and settings.
 * @param config Agent configuration; agent_type, the bootstrap argument and
 *               bootstrap_trust_server are read from it.
 *
 * The bootstrap path calls exit(EXIT_FAILURE) when the inputs directory
 * cannot be prepared, or when this host is to become the policy server and
 * the master promises.cf file does not exist.
 */
void GenericAgentDiscoverContext(EvalContext *ctx, GenericAgentConfig *config)
{
    strcpy(VPREFIX, "");

    Log(LOG_LEVEL_VERBOSE, " %s", NameVersion());
    Banner("Initialization preamble");

    GenericAgentSetDefaultDigest(&CF_DEFAULT_DIGEST, &CF_DEFAULT_DIGEST_LEN);
    GenericAgentInitialize(ctx, config);

    const time_t reference_time = SetReferenceTime();
    UpdateTimeClasses(ctx, reference_time);
    SanitizeEnvironment();

    THIS_AGENT_TYPE = config->agent_type;
    LoggingSetAgentType(CF_AGENTTYPES[config->agent_type]);
    EvalContextClassPutHard(ctx, CF_AGENTTYPES[config->agent_type], "cfe_internal,source=agent");

    DetectEnvironment(ctx);

    EvalContextHeapPersistentLoadAll(ctx);
    LoadSystemConstants(ctx);

    const char *bootstrap_arg = config->agent_specific.agent.bootstrap_policy_server;
    const bool bootstrapping = (config->agent_type == AGENT_TYPE_AGENT) && (bootstrap_arg != NULL);

    if (!bootstrapping)
    {
        /* Normal run: rely on the policy server recorded by a previous
         * bootstrap. The returned string is released with free() below. */
        char *stored_server = ReadPolicyServerFile(GetWorkDir());
        if (stored_server == NULL)
        {
            Log(LOG_LEVEL_VERBOSE,
                "This agent is not bootstrapped - can't find policy_server.dat in: %s",
                GetWorkDir());
            return;
        }

        Log(LOG_LEVEL_VERBOSE, "This agent is bootstrapped to: %s", stored_server);
        SetPolicyServer(ctx, stored_server);
        free(stored_server);
        UpdateLastPolicyUpdateTime(ctx);

        if (GetAmPolicyHub())
        {
            MarkAsPolicyServer(ctx);

            /* Should this go in MarkAsPolicyServer() ? */
            CheckAndSetHAState(GetWorkDir(), ctx);
        }
        return;
    }

    /* Bootstrap: existing policy in the inputs directory is removed and
     * replaced by the builtin failsafe; either step failing is fatal. */
    EvalContextClassPutHard(ctx, "bootstrap_mode", "source=environment");

    if (!RemoveAllExistingPolicyInInputs(GetInputDir()))
    {
        Log(LOG_LEVEL_ERR, "Error removing existing input files prior to bootstrap");
        exit(EXIT_FAILURE);
    }

    if (!WriteBuiltinFailsafePolicy(GetInputDir()))
    {
        Log(LOG_LEVEL_ERR, "Error writing builtin failsafe to inputs prior to bootstrap");
        exit(EXIT_FAILURE);
    }

    /* Variable-length array sized from the bootstrap argument.
     * NOTE(review): the length comes straight from configuration input, so an
     * extremely long argument grows the stack frame accordingly; confirm the
     * argument is length-limited where it is parsed. */
    char canonified_ipaddr[strlen(bootstrap_arg) + 1];
    StringCanonify(canonified_ipaddr, bootstrap_arg);

    /* This host is the policy server when the canonified bootstrap address is
     * already defined as a class. */
    const bool am_policy_server = (EvalContextClassGet(ctx, NULL, canonified_ipaddr) != NULL);

    if (!am_policy_server)
    {
        Log(LOG_LEVEL_INFO,
            "Assuming role as regular client, bootstrapping to policy server: %s",
            bootstrap_arg);

        /* With bootstrap_trust_server set, the "trust_server" class is
         * defined and, per the notice below, the server is trusted
         * implicitly during bootstrap; the notice names --trust-server=no
         * for hosts where trust is already established. */
        if (config->agent_specific.agent.bootstrap_trust_server)
        {
            EvalContextClassPutHard(ctx, "trust_server", "source=agent");
            Log(LOG_LEVEL_NOTICE,
                "Bootstrap mode: implicitly trusting server, use --trust-server=no if server trust is already established");
        }
    }
    else
    {
        Log(LOG_LEVEL_INFO,
            "Assuming role as policy server, with policy distribution point at: %s",
            GetMasterDir());
        MarkAsPolicyServer(ctx);

        if (!MasterfileExists(GetMasterDir()))
        {
            Log(LOG_LEVEL_ERR,
                "In order to bootstrap as a policy server, the file '%s/promises.cf' must exist.",
                GetMasterDir());
            exit(EXIT_FAILURE);
        }

        CheckAndSetHAState(GetWorkDir(), ctx);
    }

    WriteAmPolicyHubFile(am_policy_server);

    /* Persist the bootstrap target for later non-bootstrap runs. */
    WritePolicyServerFile(GetWorkDir(), bootstrap_arg);
    SetPolicyServer(ctx, bootstrap_arg);

    /* FIXME: Why it is called here? Can't we move both invocations to before if? */
    UpdateLastPolicyUpdateTime(ctx);
}
Esempio n. 3
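/**
 * Initialise the agent and work out its bootstrap / policy-server context.
 *
 * Runs generic initialisation, sets reference and start time, sanitises the
 * environment, defines the agent-type hard class, selects the default digest,
 * collects host/interface/environment classes and loads persistent classes
 * and system constants. It then either bootstraps (agent type is
 * AGENT_TYPE_AGENT and a bootstrap policy server was given) or reads back the
 * policy server recorded earlier.
 *
 * @param ctx    Evaluation context that receives the classes and settings.
 * @param config Agent configuration; agent_type and the bootstrap argument
 *               are read from it.
 *
 * The bootstrap path terminates the process with exit(EXIT_FAILURE) when
 * the inputs cannot be prepared or when the host should act as policy server
 * but masterfiles/promises.cf is missing.
 */
void GenericAgentDiscoverContext(EvalContext *ctx, GenericAgentConfig *config)
{
    GenericAgentInitialize(ctx, config);

    SetReferenceTime(ctx, true);
    SetStartTime();
    SanitizeEnvironment();

    THIS_AGENT_TYPE = config->agent_type;
    EvalContextHeapAddHard(ctx, CF_AGENTTYPES[config->agent_type]);

    GenericAgentSetDefaultDigest(&CF_DEFAULT_DIGEST, &CF_DEFAULT_DIGEST_LEN);

    GetNameInfo3(ctx, config->agent_type);
    GetInterfacesInfo(ctx);

    Get3Environment(ctx, config->agent_type);
    BuiltinClasses(ctx);
    OSClasses(ctx);

    EvalContextHeapPersistentLoadAll(ctx);
    LoadSystemConstants(ctx);

    if (config->agent_type == AGENT_TYPE_AGENT && config->agent_specific.agent.bootstrap_policy_server)
    {
        /* Bootstrapping discards existing input policy and replaces it with
         * the builtin failsafe; either step failing is fatal. */
        if (!RemoveAllExistingPolicyInInputs(GetWorkDir()))
        {
            Log(LOG_LEVEL_ERR, "Error removing existing input files prior to bootstrap");
            exit(EXIT_FAILURE);
        }

        if (!WriteBuiltinFailsafePolicy(GetWorkDir()))
        {
            Log(LOG_LEVEL_ERR, "Error writing builtin failsafe to inputs prior to bootstrap");
            exit(EXIT_FAILURE);
        }

        bool am_policy_server = false;
        {
            /* The host is the policy server when the canonified bootstrap
             * address is already defined as a class, either as-is or with an
             * "ipv4_" prefix. */
            const char *canonified_bootstrap_policy_server = CanonifyName(config->agent_specific.agent.bootstrap_policy_server);
            am_policy_server = IsDefinedClass(ctx, canonified_bootstrap_policy_server, NULL);
            {
                char policy_server_ipv4_class[CF_BUFSIZE];

                /* Bound the write by the buffer that is actually being filled
                 * rather than by an unrelated constant, and never test a
                 * truncated name: a cut-off class name could match a different
                 * class and flip the role decision. */
                int written = snprintf(policy_server_ipv4_class, sizeof(policy_server_ipv4_class),
                                       "ipv4_%s", canonified_bootstrap_policy_server);
                if (written >= 0 && (size_t) written < sizeof(policy_server_ipv4_class))
                {
                    am_policy_server |= IsDefinedClass(ctx, policy_server_ipv4_class, NULL);
                }
                else
                {
                    Log(LOG_LEVEL_VERBOSE, "Bootstrap address is too long to form an 'ipv4_' class name, skipping that lookup");
                }
            }

            if (am_policy_server)
            {
                Log(LOG_LEVEL_INFO, "Assuming role as policy server, with policy distribution point at %s/masterfiles", GetWorkDir());
                EvalContextHeapAddHard(ctx, "am_policy_hub");

                if (!MasterfileExists(GetWorkDir()))
                {
                    Log(LOG_LEVEL_ERR, "In order to bootstrap as a policy server, the file '%s/masterfiles/promises.cf' must exist.", GetWorkDir());
                    exit(EXIT_FAILURE);
                }
            }
            else
            {
                Log(LOG_LEVEL_INFO, "Not assuming role as policy server");
            }

            /* NOTE(review): this call uses CFWORKDIR while the calls below use
             * GetWorkDir(); confirm both always name the same directory. */
            WriteAmPolicyHubFile(CFWORKDIR, am_policy_server);
        }

        /* Persist the bootstrap target so later non-bootstrap runs can read it
         * back through ReadPolicyServerFile(). */
        WritePolicyServerFile(GetWorkDir(), config->agent_specific.agent.bootstrap_policy_server);
        SetPolicyServer(ctx, config->agent_specific.agent.bootstrap_policy_server);
        Log(LOG_LEVEL_INFO, "Bootstrapping to '%s'", POLICY_SERVER);
    }
    else
    {
        char *existing_policy_server = ReadPolicyServerFile(GetWorkDir());
        if (existing_policy_server)
        {
            Log(LOG_LEVEL_VERBOSE, "This agent is bootstrapped to '%s'", existing_policy_server);
        }
        else
        {
            Log(LOG_LEVEL_VERBOSE, "This agent is not bootstrapped");
        }
        /* NOTE(review): existing_policy_server is passed on even when it is
         * NULL and is not freed in this function. Whether SetPolicyServer()
         * accepts NULL, copies the string, or takes ownership is not visible
         * here - confirm before adding a free(). */
        SetPolicyServer(ctx, existing_policy_server);

        /* Unlike the policy-server lookup above, the role check runs even
         * when no policy server was recorded. */
        if (GetAmPolicyHub(GetWorkDir()))
        {
            EvalContextHeapAddHard(ctx, "am_policy_hub");  // DEPRECATED: use policy_server instead
            Log(LOG_LEVEL_VERBOSE, "Additional class defined: am_policy_hub");
            EvalContextHeapAddHard(ctx, "policy_server");
            Log(LOG_LEVEL_VERBOSE, "Additional class defined: policy_server");
        }
    }
}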
Esempio n. 4
/*
 * Common start-up for an agent binary.
 *
 * Selects the default digest, runs InitializeGA(), sets up time, signals and
 * a sanitised environment, defines the agent's own class, creates the
 * variable scopes, discovers host classes, resolves the policy server and -
 * for every agent except cf_keygen - validates and reads the policy.
 *
 * argc, argv: passed through to InitializeGA().
 * agents:     agent name; mapped to an agent type with Agent2Type() and
 *             passed to ReadPromises().
 *
 * Calls exit(1) when EnterpriseExpiry() reports an invalid license.
 * Works largely through globals (THIS_AGENT, THIS_AGENT_TYPE, BOOTSTRAP,
 * POLICY_SERVER, VINPUTFILE, XML, ...), so statement order matters.
 */
void GenericInitialize(int argc,char **argv,char *agents)

{ enum cfagenttype ag = Agent2Type(agents);
  char vbuff[CF_BUFSIZE];
  /* Stays false when MissingInputFile() is true, which sends the agent to
     the failsafe branch further down. */
  int ok = false;

/* NOTE(review): builds without HAVE_NOVA default to MD5, which is not
   collision-resistant. What this digest protects is not visible here;
   review its use if it backs integrity or identity checks. */
#ifdef HAVE_NOVA
CF_DEFAULT_DIGEST = cf_sha256;
CF_DEFAULT_DIGEST_LEN = CF_SHA256_LEN;
#else
CF_DEFAULT_DIGEST = cf_md5;
CF_DEFAULT_DIGEST_LEN = CF_MD5_LEN;
#endif
 
InitializeGA(argc,argv);

SetReferenceTime(true);
SetStartTime(false);
SetSignals();
SanitizeEnvironment();

/* NOTE(review): unbounded copy into a global; safe only if THIS_AGENT can
   hold the longest CF_AGENTTYPES entry, and if Agent2Type() never returns
   an index outside that table - neither is visible here. */
strcpy(THIS_AGENT,CF_AGENTTYPES[ag]);
NewClass(THIS_AGENT);
THIS_AGENT_TYPE = ag;

// need scope sys to set vars in expiry function
SetNewScope("sys");

/* An invalid enterprise license is fatal. */
if (EnterpriseExpiry())
   {
   CfOut(cf_error,"","Cfengine - autonomous configuration engine. This enterprise license is invalid.\n");
   exit(1);
   }

if (AM_NOVA)
   {
   CfOut(cf_verbose,""," -> This is CFE Nova\n");
   }

if (AM_CONSTELLATION)
   {
   CfOut(cf_verbose,""," -> This is CFE Constellation\n");
   }

NewScope("const");
NewScope("match");
NewScope("mon");
GetNameInfo3();
CfGetInterfaceInfo(ag);

/* Environment and class discovery is skipped for the cf_know agent type. */
if (ag != cf_know)
   {
   Get3Environment();
   BuiltinClasses();
   OSClasses();
   }

LoadPersistentContext();
LoadSystemConstants();

/* Scope name is "control_<agent>"; the write is bounded by vbuff's own
   size (CF_BUFSIZE). */
snprintf(vbuff,CF_BUFSIZE,"control_%s",THIS_AGENT);
SetNewScope(vbuff);
NewScope("this");
NewScope("match");

if (BOOTSTRAP)
   {
   CheckAutoBootstrap();
   }
else
   {
   if (strlen(POLICY_SERVER) > 0)
      {
      CfOut(cf_verbose,""," -> Found a policy server (hub) on %s",POLICY_SERVER);
      }
   else
      {
      CfOut(cf_verbose,""," -> No policy server (hub) watch yet registered");
      }
   }

SetPolicyServer(POLICY_SERVER);

/* cf_keygen does not read or validate policy at all. */
if (ag != cf_keygen)
   {
   if (!MissingInputFile())
      {
      bool check_promises = false;

      /* Each of the three conditions is evaluated unconditionally (no
         short-circuit), so every matching reason is logged. */
      if (SHOWREPORTS)
         {
         check_promises = true;
         CfOut(cf_verbose, "", " -> Reports mode is enabled, force-validating policy");
         }
      if (IsFileOutsideDefaultRepository(VINPUTFILE))
         {
         check_promises = true;
         CfOut(cf_verbose, "", " -> Input file is outside default repository, validating it");
         }
      if (NewPromiseProposals())
         {
         check_promises = true;
         CfOut(cf_verbose, "", " -> Input file is changed since last validation, validating it");
         }

      if (check_promises)
         {
         ok = CheckPromises(ag);
         /* In bootstrap mode a failed validation is overridden and the
            policy is read anyway; the override is logged at verbose level
            only. */
         if (BOOTSTRAP && !ok)
            {
            CfOut(cf_verbose, "", " -> Policy is not valid, but proceeding with bootstrap");
            ok = true;
            }
         }
      else
         {
         /* None of the re-validation triggers fired, so the policy is
            accepted without running CheckPromises() again. */
         CfOut(cf_verbose, "", " -> Policy is already validated");
         ok = true;
         }
      }

   if (ok)
      {
      ReadPromises(ag,agents);
      }
   else
      {
      /* Fall back to failsafe.cf when validation failed or the input file
         is missing. NOTE(review): the bound assumes VINPUTFILE holds at
         least CF_BUFSIZE bytes - its declaration is not visible here. */
      CfOut(cf_error,"","cf-agent was not able to get confirmation of promises from cf-promises, so going to failsafe\n");
      snprintf(VINPUTFILE,CF_BUFSIZE-1,"failsafe.cf");
      ReadPromises(ag,agents);
      }
   
   if (SHOWREPORTS)
      {
      CompilationReport(VINPUTFILE);
      }

   CheckLicenses();
   }

XML = 0;
}